[Tor2web-talk] Tor2web support for HTTPS on .onion
Giovanni Pellerano
giovanni.pellerano at evilaliv3.org
Tue Nov 18 10:28:40 CET 2014
Dear all,
We’re happy to announce the release of Tor2web 3.1.30 [1] that includes
support for access to .onion sites over TLS.
Tor2web[2] is HTTP proxy server software used for accessing onion sites.
The Tor2web support for TLS includes the following security features:
- TOFU (Trust on First Use) certificate validation by caching the
fingerprint of the .onion site
- Validation of CN (Common Name) and SANs (Subject Alternative Names)
specified in the certificate of the .onion domain.
As Facebook has recently opened its own onion site [3], we’ve been
coordinating this release with Alec Muffett from Facebook in order to
block access to Facebook by means of the Tor2web proxy. Because Facebook
has a normal website, using Tor2web merely presents an option for users
to hurt themselves. You can see the facebook block here:
https://facebookcorewwwi.tor2web.org
Current Tor2web conduits are:
- tor2web.org (running 2 out of 3 servers after recent server takedown
due to CryptoWall abuses)
- tor2web.fi by Ahmia (https://ahmia.fi)
- Onion.lt
- Onion.to (temporally dead after server takedown)
- tor2web.blutmagie.de (expired certificates)
We remind the community that Tor2web yearns for additional operators.
If you want to run a Tor2web conduit or otherwise support Tor2web:
- take a look at our wiki https://github.com/globaleaks/Tor2web-3.0/wiki
- join the tor2web-talk mailing list
http://lists.tor2web.org/mailman/listinfo/tor2web-talk
[1] https://github.com/globaleaks/Tor2web-3.0
[2] https://www.tor2web.org/
[3]
https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs
-
Giovanni Pellerano - Founding Member
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.globaleaks.org/pipermail/tor2web-talk/attachments/20141118/38855148/attachment.pgp>
More information about the Tor2web-talk
mailing list